1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "acquire_data_subscribe_manager.h"
17 #include <cinttypes>
18 #include <functional>
19 #include "file_ex.h"
20 #include "ipc_skeleton.h"
21 #include "acquire_data_callback_proxy.h"
22 #include "database_manager.h"
23 #include "security_guard_define.h"
24 #include "security_collector_subscribe_info.h"
25 #include "security_guard_log.h"
26 #ifdef SECURITY_GUARD_ENABLE_DEVICE_ID
27 #include "device_manager.h"
28 #endif
29 #include "ffrt.h"
30 #include "event_define.h"
31 #include "i_model_info.h"
32 #include "config_data_manager.h"
33 #include "collector_manager.h"
34 #include "data_collection.h"
35 #include "security_event_filter.h"
36 #include "security_event_info.h"
37 #include "data_format.h"
38
39 namespace OHOS::Security::SecurityGuard {
40 namespace {
41 constexpr size_t MAX_CACHE_EVENT_SIZE = 16 * 1024;
42 constexpr int64_t MAX_DURATION_TEN_SECOND = 10 * 1000;
43 constexpr size_t MAX_SESSION_SIZE = 16;
44 constexpr size_t MAX_SESSION_SIZE_ONE_PROCESS = 2;
45 #ifdef SECURITY_GUARD_ENABLE_DEVICE_ID
46 constexpr const char *PKG_NAME = "ohos.security.securityguard";
47 #endif
48 constexpr int UPLOAD_EVENT_THREAD_MAX_CONCURRENCY = 16;
49 constexpr int UPLOAD_EVENT_TASK_MAX_COUNT = 10 * 4096;
50 constexpr int UPLOAD_EVENT_DB_TASK_MAX_COUNT = 64;
51 std::atomic<uint32_t> g_taskCount = 0;
52 }
53
54 #ifdef SECURITY_GUARD_ENABLE_DEVICE_ID
55 class InitCallback : public DistributedHardware::DmInitCallback {
56 public:
57 ~InitCallback() override = default;
OnRemoteDied()58 void OnRemoteDied() override {};
59 };
60 #endif
61
GetInstance()62 AcquireDataSubscribeManager& AcquireDataSubscribeManager::GetInstance()
63 {
64 static AcquireDataSubscribeManager instance;
65 return instance;
66 }
67
AcquireDataSubscribeManager()68 AcquireDataSubscribeManager::AcquireDataSubscribeManager() : listener_(std::make_shared<DbListener>()),
69 collectorListener_(std::make_shared<CollectorListener>())
70 {
71 handle_ = dlopen(SECURITY_GUARD_EVENT_FILTER_PATH, RTLD_LAZY);
72 if (handle_ != nullptr) {
73 eventFilter_ = reinterpret_cast<GetEventFilterFunc>(dlsym(handle_, "GetEventFilter"));
74 }
75 wrapperHandle_ = dlopen(SECURITY_GUARD_EVENT_WRAPPER_PATH, RTLD_LAZY);
76 if (wrapperHandle_ != nullptr) {
77 eventWrapper_ = reinterpret_cast<GetEventWrapperFunc>(dlsym(wrapperHandle_, "GetEventWrapper"));
78 }
79 if (eventFilter_ == nullptr) {
80 SGLOGI("eventFilter_ is nullptr");
81 }
82 if (eventWrapper_ == nullptr) {
83 SGLOGI("eventWrapper_ is nullptr");
84 }
85 }
86
~AcquireDataSubscribeManager()87 AcquireDataSubscribeManager::~AcquireDataSubscribeManager()
88 {
89 if (handle_ != nullptr) {
90 dlclose(handle_);
91 handle_ = nullptr;
92 }
93 if (wrapperHandle_ != nullptr) {
94 dlclose(wrapperHandle_);
95 wrapperHandle_ = nullptr;
96 }
97 }
98
InsertSubscribeRecord(int64_t eventId,const std::string & clientId)99 int AcquireDataSubscribeManager::InsertSubscribeRecord(int64_t eventId, const std::string &clientId)
100 {
101 AcquireDataSubscribeManager::GetInstance().InitUserId();
102 AcquireDataSubscribeManager::GetInstance().InitDeviceId();
103 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
104 if (sessionsMap_.find(clientId) == sessionsMap_.end() || sessionsMap_.at(clientId) == nullptr) {
105 SGLOGI("not find current clientId");
106 return BAD_PARAM;
107 }
108 if (sessionsMap_.at(clientId)->subEvents.find(eventId) != sessionsMap_.at(clientId)->subEvents.end()) {
109 SGLOGE("not need subscribe again");
110 return SUCCESS;
111 }
112 int32_t code = SubscribeSc(eventId);
113 if (code != SUCCESS) {
114 SGLOGE("SubscribeSc error");
115 return code;
116 }
117 sessionsMap_[clientId]->subEvents.insert(eventId);
118 if (sessionsMap_.at(clientId)->eventFilters.find(eventId) == sessionsMap_.at(clientId)->eventFilters.end()) {
119 return SUCCESS;
120 }
121 for (auto iter : sessionsMap_.at(clientId)->eventFilters.at(eventId)) {
122 InsertMute(iter, clientId);
123 }
124 return SUCCESS;
125 }
126
InsertSubscribeRecord(const SecurityCollector::SecurityCollectorSubscribeInfo & subscribeInfo,const sptr<IRemoteObject> & callback,const std::string & clientId)127 int AcquireDataSubscribeManager::InsertSubscribeRecord(
128 const SecurityCollector::SecurityCollectorSubscribeInfo &subscribeInfo, const sptr<IRemoteObject> &callback,
129 const std::string &clientId)
130 {
131 AccessToken::AccessTokenID callerToken = IPCSkeleton::GetCallingTokenID();
132 int64_t eventId = subscribeInfo.GetEvent().eventId;
133 AcquireDataSubscribeManager::GetInstance().InitUserId();
134 AcquireDataSubscribeManager::GetInstance().InitDeviceId();
135 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
136 if (sessionsMap_.find(clientId) != sessionsMap_.end() && sessionsMap_.at(clientId) != nullptr &&
137 sessionsMap_.at(clientId)->subEvents.find(eventId) != sessionsMap_.at(clientId)->subEvents.end()) {
138 SGLOGE("not need subscribe again");
139 return SUCCESS;
140 }
141 int32_t code = SubscribeSc(eventId);
142 if (code != SUCCESS) {
143 SGLOGE("SubscribeSc error");
144 return code;
145 }
146 if (sessionsMap_.find(clientId) == sessionsMap_.end() || sessionsMap_.at(clientId) == nullptr) {
147 auto session = std::make_shared<ClientSession>();
148 session->clientId = clientId;
149 session->callback = callback;
150 session->tokenId = callerToken;
151 session->eventGroup = subscribeInfo.GetEventGroup();
152 sessionsMap_[clientId] = session;
153 }
154 sessionsMap_[clientId]->subEvents.insert(eventId);
155 return SUCCESS;
156 }
157
RemoveSubscribeRecord(int64_t eventId,const sptr<IRemoteObject> & callback,const std::string & clientId)158 int AcquireDataSubscribeManager::RemoveSubscribeRecord(int64_t eventId, const sptr<IRemoteObject> &callback,
159 const std::string &clientId)
160 {
161 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
162 if (sessionsMap_.find(clientId) == sessionsMap_.end() || sessionsMap_.at(clientId) == nullptr) {
163 SGLOGI("not find current clientId");
164 return SUCCESS;
165 }
166 if (sessionsMap_.at(clientId)->subEvents.find(eventId) == sessionsMap_.at(clientId)->subEvents.end()) {
167 SGLOGI("not find current eventid");
168 return SUCCESS;
169 }
170 sessionsMap_.at(clientId)->subEvents.erase(eventId);
171 bool isFind = false;
172 for (const auto &iter : sessionsMap_) {
173 if (iter.second != nullptr && iter.second->subEvents.find(eventId) != iter.second->subEvents.end()) {
174 isFind = true;
175 break;
176 }
177 }
178 if (!isFind) {
179 int ret = UnSubscribeSc(eventId);
180 if (ret != SUCCESS) {
181 SGLOGE("UnSubscribeSc fail");
182 sessionsMap_.at(clientId)->subEvents.insert(eventId);
183 return ret;
184 }
185 }
186 if (sessionsMap_.at(clientId)->subEvents.empty()) {
187 sessionsMap_.erase(clientId);
188 }
189 return SUCCESS;
190 }
191 // LCOV_EXCL_START
InsertMute(const EventMuteFilter & filter,const std::string & clientId)192 int AcquireDataSubscribeManager::InsertMute(const EventMuteFilter &filter, const std::string &clientId)
193 {
194 SecurityCollector::SecurityCollectorEventMuteFilter collectorFilter = ConvertFilter(filter, clientId);
195 EventCfg config {};
196 if (!ConfigDataManager::GetInstance().GetEventConfig(collectorFilter.eventId, config)) {
197 SGLOGE("GetEventConfig error");
198 return BAD_PARAM;
199 }
200 if (eventFilter_ == nullptr) {
201 SGLOGE("eventFilter_ is null");
202 return NULL_OBJECT;
203 }
204 int ret = eventFilter_()->SetEventFilter(collectorFilter);
205 if (ret != SUCCESS) {
206 SGLOGE("SetEventFilter failed, ret=%{public}d", ret);
207 return ret;
208 }
209 return SUCCESS;
210 }
211
SubscribeScInSg(int64_t eventId)212 int AcquireDataSubscribeManager::SubscribeScInSg(int64_t eventId)
213 {
214 SecurityCollector::Event event {};
215 event.eventId = eventId;
216 SGLOGI("Scheduling start collector, eventId:%{public}" PRId64, eventId);
217 if (eventToListenner_.count(eventId) != 0) {
218 return SUCCESS;
219 }
220 if (collectorListener_ == nullptr) {
221 SGLOGE("collectorListener is nullptr");
222 return NULL_OBJECT;
223 }
224 if (!SecurityCollector::DataCollection::GetInstance().SubscribeCollectors({eventId}, collectorListener_)) {
225 SGLOGI("Subscribe SG failed, eventId=%{public}" PRId64, eventId);
226 return FAILED;
227 }
228 eventToListenner_.emplace(eventId, collectorListener_);
229 return SUCCESS;
230 }
231
SubscribeScInSc(int64_t eventId)232 int AcquireDataSubscribeManager::SubscribeScInSc(int64_t eventId)
233 {
234 if (scSubscribeMap_.count(eventId) != 0) {
235 return SUCCESS;
236 }
237 SecurityCollector::Event scEvent;
238 scEvent.eventId = eventId;
239 auto subscriber = std::make_shared<AcquireDataSubscribeManager::SecurityCollectorSubscriber>(scEvent);
240 int code = SecurityCollector::CollectorManager::GetInstance().Subscribe(subscriber);
241 if (code != SUCCESS) {
242 SGLOGI("Subscribe SC failed, code=%{public}d", code);
243 return code;
244 }
245 scSubscribeMap_[eventId] = subscriber;
246 return SUCCESS;
247 }
248
SubscribeSc(int64_t eventId)249 int AcquireDataSubscribeManager::SubscribeSc(int64_t eventId)
250 {
251 EventCfg config {};
252 bool isSuccess = ConfigDataManager::GetInstance().GetEventConfig(eventId, config);
253 if (!isSuccess) {
254 SGLOGE("GetEventConfig error");
255 return BAD_PARAM;
256 }
257 if (config.eventType != static_cast<uint32_t>(EventTypeEnum::SUBSCRIBE_COLL)) {
258 return SUCCESS;
259 }
260 // 订阅SG
261 if (config.prog == "security_guard") {
262 return SubscribeScInSg(eventId);
263 }
264 // 订阅SC
265 return SubscribeScInSc(eventId);
266 }
267
UnSubscribeSc(int64_t eventId)268 int AcquireDataSubscribeManager::UnSubscribeSc(int64_t eventId)
269 {
270 EventCfg config;
271 bool isSuccess = ConfigDataManager::GetInstance().GetEventConfig(eventId, config);
272 if (!isSuccess) {
273 SGLOGE("GetEventConfig error");
274 return BAD_PARAM;
275 }
276 if (config.eventType != static_cast<uint32_t>(EventTypeEnum::SUBSCRIBE_COLL)) {
277 return SUCCESS;
278 }
279 // 解订阅SG
280 if (config.prog == "security_guard") {
281 if (eventToListenner_.count(eventId) == 0) {
282 SGLOGE("not find evenId in linstener, eventId=%{public}" PRId64, eventId);
283 return FAILED;
284 }
285 if (!SecurityCollector::DataCollection::GetInstance().UnsubscribeCollectors({eventId})) {
286 SGLOGE("UnSubscribe SG failed, eventId=%{public}" PRId64, eventId);
287 return FAILED;
288 }
289 eventToListenner_.erase(eventId);
290 return SUCCESS;
291 }
292 // 解订阅SC
293 auto it = scSubscribeMap_.find(eventId);
294 if (it == scSubscribeMap_.end()) {
295 SGLOGE("event not subscribe eventId=%{public}" PRId64, eventId);
296 return FAILED;
297 }
298 int ret = SecurityCollector::CollectorManager::GetInstance().Unsubscribe(it->second);
299 if (ret != SUCCESS) {
300 SGLOGE("UnSubscribe SC failed, ret=%{public}d", ret);
301 return ret;
302 }
303 it->second = nullptr;
304 scSubscribeMap_.erase(it);
305 SGLOGI("UnSubscribeSc scSubscribeMap_size %{public}zu", scSubscribeMap_.size());
306 return SUCCESS;
307 }
308 // LCOV_EXCL_STOP
RemoveSubscribeRecord(int64_t eventId,const std::string & clientId)309 int AcquireDataSubscribeManager::RemoveSubscribeRecord(int64_t eventId, const std::string &clientId)
310 {
311 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
312 if (sessionsMap_.find(clientId) == sessionsMap_.end() || sessionsMap_.at(clientId) == nullptr) {
313 SGLOGI("not find current clientId");
314 return BAD_PARAM;
315 }
316 if (sessionsMap_.at(clientId)->subEvents.find(eventId) == sessionsMap_.at(clientId)->subEvents.end()) {
317 SGLOGI("not find current eventid");
318 return BAD_PARAM;
319 }
320 sessionsMap_.at(clientId)->subEvents.erase(eventId);
321 bool isFind = false;
322 for (const auto &iter : sessionsMap_) {
323 if (iter.second != nullptr && iter.second->subEvents.find(eventId) != iter.second->subEvents.end()) {
324 isFind = true;
325 break;
326 }
327 }
328 if (!isFind) {
329 int ret = UnSubscribeSc(eventId);
330 if (ret != SUCCESS) {
331 SGLOGE("UnSubscribeSc fail");
332 sessionsMap_.at(clientId)->subEvents.insert(eventId);
333 return ret;
334 }
335 }
336 return SUCCESS;
337 }
338 // LCOV_EXCL_START
RemoveSubscribeRecordOnRemoteDied(const sptr<IRemoteObject> & callback)339 void AcquireDataSubscribeManager::RemoveSubscribeRecordOnRemoteDied(const sptr<IRemoteObject> &callback)
340 {
341 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
342 std::set<int64_t> allSubEventId {};
343 std::set<int64_t> currentEventId {};
344 auto finder = [callback](std::pair<std::string, std::shared_ptr<ClientSession>> iter) {
345 return callback == iter.second->callback;
346 };
347 auto iter = find_if(sessionsMap_.begin(), sessionsMap_.end(), finder);
348 if (iter != sessionsMap_.end()) {
349 currentEventId = iter->second->subEvents;
350 if (eventFilter_ != nullptr) {
351 eventFilter_()->RemoveSdkAllEventFilter(iter->first);
352 }
353 sessionsMap_.erase(iter);
354 }
355 for (const auto &iter : sessionsMap_) {
356 for (const auto &it : iter.second->subEvents) {
357 allSubEventId.insert(it);
358 }
359 }
360 for (const auto &iter : currentEventId) {
361 // no one subscribed id
362 if (allSubEventId.find(iter) == allSubEventId.end()) {
363 (void)UnSubscribeSc(iter);
364 }
365 }
366 }
367
StartClearEventCache()368 void AcquireDataSubscribeManager::StartClearEventCache()
369 {
370 auto task = [this]() {
371 while (true) {
372 this->ClearEventCache();
373 {
374 std::lock_guard<ffrt::mutex> lock(clearCachemutex_);
375 if (isStopClearCache_ == true) {
376 break;
377 }
378 }
379 ffrt::this_task::sleep_for(std::chrono::milliseconds(MAX_DURATION_TEN_SECOND));
380 }
381 };
382 ffrt::submit(task);
383 }
384
StopClearEventCache()385 void AcquireDataSubscribeManager::StopClearEventCache()
386 {
387 std::lock_guard<ffrt::mutex> lock(clearCachemutex_);
388 isStopClearCache_ = true;
389 }
390
ClearEventCache()391 void AcquireDataSubscribeManager::ClearEventCache()
392 {
393 std::vector<SecurityCollector::Event> tmp {};
394 {
395 std::lock_guard<ffrt::mutex> lock(eventsMutex_);
396 tmp = events_;
397 }
398 for (const auto &event : tmp) {
399 SecEvent secEvent {};
400 secEvent.eventId = event.eventId;
401 secEvent.version = event.version;
402 secEvent.date = event.timestamp;
403 secEvent.content = event.content;
404 secEvent.userId = event.userId;
405 int code = DatabaseManager::GetInstance().InsertEvent(USER_SOURCE, secEvent, {});
406 if (code != SUCCESS) {
407 SGLOGE("insert event error, %{public}d", code);
408 }
409 }
410 {
411 std::lock_guard<ffrt::mutex> lock(eventsMutex_);
412 events_.clear();
413 eventsBuffSize_ = 0;
414 }
415 }
416
GetCurrentClientCallback(const std::string & clientId)417 sptr<IRemoteObject> AcquireDataSubscribeManager::GetCurrentClientCallback(const std::string &clientId)
418 {
419 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
420 if (sessionsMap_.find(clientId) == sessionsMap_.end()) {
421 return nullptr;
422 }
423 auto session = sessionsMap_.at(clientId);
424 if (session == nullptr) {
425 return nullptr;
426 }
427 return sessionsMap_.at(clientId)->callback;
428 }
429
GetCurrentClientGroup(const std::string & clientId)430 std::string AcquireDataSubscribeManager::GetCurrentClientGroup(const std::string &clientId)
431 {
432 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
433 if (sessionsMap_.find(clientId) == sessionsMap_.end()) {
434 return "";
435 }
436 auto session = sessionsMap_.at(clientId);
437 if (session == nullptr) {
438 return "";
439 }
440 return sessionsMap_.at(clientId)->eventGroup;
441 }
442
InitUserId()443 void AcquireDataSubscribeManager::InitUserId()
444 {
445 int32_t id = -1;
446 int32_t code = AccountSA::OsAccountManager::GetForegroundOsAccountLocalId(id);
447 if (code != ERR_OK) {
448 SGLOGE("GetForegroundOsAccountLocalId Fail");
449 return;
450 }
451 std::lock_guard<ffrt::mutex> lock(userIdMutex_);
452 userId_ = id;
453 }
454
InitDeviceId()455 void AcquireDataSubscribeManager::InitDeviceId()
456 {
457 #ifdef SECURITY_GUARD_ENABLE_DEVICE_ID
458 auto callback = std::make_shared<InitCallback>();
459 int32_t ret = DistributedHardware::DeviceManager::GetInstance().InitDeviceManager(PKG_NAME, callback);
460 if (ret != SUCCESS) {
461 SGLOGI("init device manager failed, result is %{public}d", ret);
462 return;
463 }
464 DistributedHardware::DmDeviceInfo deviceInfo;
465 ret = DistributedHardware::DeviceManager::GetInstance().GetLocalDeviceInfo(PKG_NAME, deviceInfo);
466 if (ret != SUCCESS) {
467 SGLOGI("get local device into error, code=%{public}d", ret);
468 return;
469 }
470 std::lock_guard<ffrt::mutex> lock(userIdMutex_);
471 deviceId_ = deviceInfo.deviceId;
472 #endif
473 }
474
DeInitDeviceId()475 void AcquireDataSubscribeManager::DeInitDeviceId()
476 {
477 #ifdef SECURITY_GUARD_ENABLE_DEVICE_ID
478 int ret = DistributedHardware::DeviceManager::GetInstance().UnInitDeviceManager(PKG_NAME);
479 if (ret != SUCCESS) {
480 SGLOGE("UnInitDeviceManager fail, code =%{public}d", ret);
481 }
482 #endif
483 }
484
InitEventQueue()485 void AcquireDataSubscribeManager::InitEventQueue()
486 {
487 if (queue_ != nullptr) {
488 SGLOGI("InitEventQueue queue_ already init");
489 return;
490 }
491 if (dbQueue_ != nullptr) {
492 SGLOGI("InitEventQueue dbQueue already init");
493 return;
494 }
495 queue_ = std::make_shared<ffrt::queue>(ffrt::queue_concurrent, "UploadEvent",
496 ffrt::queue_attr().max_concurrency(UPLOAD_EVENT_THREAD_MAX_CONCURRENCY));
497 dbQueue_ = std::make_shared<ffrt::queue>(ffrt::queue_serial, "UploadDbEvent");
498 SGLOGI("InitEventQueue successed");
499 }
500
NotifySub(sptr<IRemoteObject> obj,const SecurityCollector::Event & events)501 void AcquireDataSubscribeManager::NotifySub(sptr<IRemoteObject> obj, const SecurityCollector::Event &events)
502 {
503 auto proxy = iface_cast<IAcquireDataCallback>(obj);
504 if (proxy == nullptr) {
505 SGLOGI("proxy is null");
506 return;
507 }
508 proxy->OnNotify({events});
509 SGLOGD("upload event to subscribe");
510 }
511
UploadEventToSub(const SecurityCollector::Event & event)512 void AcquireDataSubscribeManager::UploadEventToSub(const SecurityCollector::Event &event)
513 {
514 // upload to subscriber
515 auto task = [event]() {
516 AcquireDataSubscribeManager::GetInstance().PublishEventToSub(event);
517 g_taskCount.fetch_sub(1);
518 };
519 if (g_taskCount.load() > UPLOAD_EVENT_TASK_MAX_COUNT) {
520 SGLOGI("subed event be discarded id is %{public}" PRId64, event.eventId);
521 return;
522 }
523 {
524 std::lock_guard<ffrt::mutex> lock(queueMutex_);
525 if (queue_ == nullptr) {
526 return;
527 }
528 queue_->submit(task);
529 }
530 g_taskCount.fetch_add(1);
531 }
532
UploadEventToStore(const SecurityCollector::Event & event)533 void AcquireDataSubscribeManager::UploadEventToStore(const SecurityCollector::Event &event)
534 {
535 // upload to store
536 std::vector<SecurityCollector::Event> tmp {};
537 {
538 std::lock_guard<ffrt::mutex> lock(eventsMutex_);
539 events_.emplace_back(event);
540 eventsBuffSize_ += GetSecurityCollectorEventBufSize(event);
541 if (eventsBuffSize_ < MAX_CACHE_EVENT_SIZE) {
542 return;
543 }
544 tmp = events_;
545 }
546 auto task = [tmp] () {
547 for (const auto &event : tmp) {
548 SecEvent secEvent {};
549 secEvent.eventId = event.eventId;
550 secEvent.version = event.version;
551 secEvent.date = event.timestamp;
552 secEvent.content = event.content;
553 secEvent.userId = event.userId;
554 int code = DatabaseManager::GetInstance().InsertEvent(USER_SOURCE, secEvent, {});
555 if (code != SUCCESS) {
556 SGLOGE("insert event error, %{public}d", code);
557 }
558 }
559 };
560 {
561 std::lock_guard<ffrt::mutex> lock(dbQueueMutex_);
562 if (dbQueue_ == nullptr) {
563 return;
564 }
565 if (dbQueue_->get_task_cnt() > UPLOAD_EVENT_DB_TASK_MAX_COUNT) {
566 for (const auto &event : tmp) {
567 SGLOGI("db event be discarded is id %{public}" PRId64, event.eventId);
568 }
569 return;
570 }
571 dbQueue_->submit(task);
572 }
573 {
574 std::lock_guard<ffrt::mutex> lock(eventsMutex_);
575 events_.clear();
576 eventsBuffSize_ = 0;
577 }
578 }
579
UploadEvent(const SecurityCollector::Event & event)580 void AcquireDataSubscribeManager::UploadEvent(const SecurityCollector::Event &event)
581 {
582 SGLOGD("UploadEvent eventid = %{public}" PRId64, event.eventId);
583 SGLOGD("UploadEvent event conetnt = %{private}s", event.content.c_str());
584 if (!DataFormat::CheckRiskContent(event.content)) {
585 SGLOGE("CheckRiskContent error");
586 return;
587 }
588 SecurityCollector::Event retEvent = event;
589 EventCfg config {};
590 {
591 std::lock_guard<ffrt::mutex> lock(userIdMutex_);
592 retEvent.userId = userId_;
593 #ifdef SECURITY_GUARD_ENABLE_DEVICE_ID
594 retEvent.deviceId = deviceId_;
595 #endif
596 }
597 if (!ConfigDataManager::GetInstance().GetEventConfig(retEvent.eventId, config)) {
598 SGLOGE("GetEventConfig fail eventId=%{public}" PRId64, event.eventId);
599 return;
600 }
601 // change old event id to new eventid
602 retEvent.eventId = config.eventId;
603 if (eventWrapper_ != nullptr) {
604 eventWrapper_()->WrapperEvent(retEvent);
605 }
606 if (eventFilter_ != nullptr) {
607 eventFilter_()->GetFlagsEventNeedToUpload(retEvent);
608 }
609 UploadEventToSub(retEvent);
610 UploadEventToStore(retEvent);
611 }
612
GetSecurityCollectorEventBufSize(const SecurityCollector::Event & event)613 size_t AcquireDataSubscribeManager::GetSecurityCollectorEventBufSize(const SecurityCollector::Event &event)
614 {
615 size_t res = sizeof(event.eventId);
616 res += event.version.length();
617 res += event.content.length();
618 res += event.extra.length();
619 res += event.timestamp.length();
620 for (const auto &i : event.eventSubscribes) {
621 res += i.length();
622 }
623 return res;
624 }
625
IsFindFlag(const std::set<std::string> & eventSubscribes,int64_t eventId,const std::string & clientId)626 bool AcquireDataSubscribeManager::IsFindFlag(const std::set<std::string> &eventSubscribes, int64_t eventId,
627 const std::string &clientId)
628 {
629 if (sessionsMap_.find(clientId) == sessionsMap_.end()) {
630 return false;
631 }
632 if (sessionsMap_.at(clientId)->eventFilters.find(eventId) == sessionsMap_.at(clientId)->eventFilters.end() ||
633 sessionsMap_.at(clientId)->eventFilters.at(eventId).empty()) {
634 return true;
635 }
636 if (eventSubscribes.find(clientId) != eventSubscribes.end()) {
637 return true;
638 }
639 return false;
640 }
641
PublishEventToSub(const SecurityCollector::Event & event)642 bool AcquireDataSubscribeManager::PublishEventToSub(const SecurityCollector::Event &event)
643 {
644 EventCfg config {};
645 if (!ConfigDataManager::GetInstance().GetEventConfig(event.eventId, config)) {
646 SGLOGE("GetEventConfig fail eventId=%{public}" PRId64, event.eventId);
647 return false;
648 }
649 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
650 for (auto &it : sessionsMap_) {
651 if (it.second->subEvents.find(event.eventId) == it.second->subEvents.end()) {
652 continue;
653 }
654 if (IsFindFlag(event.eventSubscribes, event.eventId, it.second->clientId)) {
655 NotifySub(it.second->callback, event);
656 }
657 }
658 SGLOGD("publish eventid=%{public}" PRId64, event.eventId);
659 for (auto iter : event.eventSubscribes) {
660 SGLOGD("publish eventSubscribes =%{public}s", iter.c_str());
661 }
662 return true;
663 }
664
OnChange(uint32_t optType,const SecEvent & events,const std::set<std::string> & eventSubscribes)665 void AcquireDataSubscribeManager::DbListener::OnChange(uint32_t optType, const SecEvent &events,
666 const std::set<std::string> &eventSubscribes)
667 {}
668
OnNotify(const SecurityCollector::Event & event)669 void AcquireDataSubscribeManager::CollectorListener::OnNotify(const SecurityCollector::Event &event)
670 {
671 AcquireDataSubscribeManager::GetInstance().UploadEvent(event);
672 }
673
OnNotify(const SecurityCollector::Event & event)674 int32_t AcquireDataSubscribeManager::SecurityCollectorSubscriber::OnNotify(const SecurityCollector::Event &event)
675 {
676 AcquireDataSubscribeManager::GetInstance().UploadEvent(event);
677 return 0;
678 }
679
CheckInsertMute(const EventMuteFilter & filter,const std::string & clientId)680 int AcquireDataSubscribeManager::CheckInsertMute(const EventMuteFilter &filter, const std::string &clientId)
681 {
682 if (sessionsMap_.find(clientId) == sessionsMap_.end() || sessionsMap_.at(clientId) == nullptr) {
683 SGLOGE("clientId not creat");
684 return BAD_PARAM;
685 }
686 auto finder = [filter](const EventMuteFilter &it) {
687 return filter.eventId == it.eventId && filter.isInclude == it.isInclude &&
688 filter.type == it.type && filter.mutes.size() == it.mutes.size() && filter.mutes == it.mutes;
689 };
690 if (sessionsMap_.at(clientId)->eventFilters.find(filter.eventId) != sessionsMap_.at(clientId)->eventFilters.end() &&
691 find_if(sessionsMap_.at(clientId)->eventFilters.at(filter.eventId).begin(),
692 sessionsMap_.at(clientId)->eventFilters.at(filter.eventId).end(), finder) !=
693 sessionsMap_.at(clientId)->eventFilters.at(filter.eventId).end()) {
694 SGLOGE("filter exist");
695 return BAD_PARAM;
696 }
697 return SUCCESS;
698 }
699 // LCOV_EXCL_STOP
InsertSubscribeMute(const EventMuteFilter & filter,const std::string & clientId)700 int AcquireDataSubscribeManager::InsertSubscribeMute(const EventMuteFilter &filter, const std::string &clientId)
701 {
702 SGLOGI("in AcquireDataSubscribeManager InsertSubscribeMute, clientId %{public}s", clientId.c_str());
703 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
704 int ret = CheckInsertMute(filter, clientId);
705 if (ret != SUCCESS) {
706 SGLOGE("CheckInsertMute failed, ret=%{public}d", ret);
707 return ret;
708 }
709 if (sessionsMap_.at(clientId)->subEvents.find(filter.eventId) == sessionsMap_.at(clientId)->subEvents.end()) {
710 SGLOGW("current event not subscribe, cache filter now evetid= %{public}" PRId64, filter.eventId);
711 sessionsMap_.at(clientId)->eventFilters[filter.eventId].emplace_back(filter);
712 return SUCCESS;
713 }
714 ret = InsertMute(filter, clientId);
715 if (ret != SUCCESS) {
716 SGLOGE("InsertMute failed, ret=%{public}d", ret);
717 return ret;
718 }
719 sessionsMap_.at(clientId)->eventFilters[filter.eventId].emplace_back(filter);
720 return SUCCESS;
721 }
722 // LCOV_EXCL_START
SubscriberEventOnSgStart()723 void AcquireDataSubscribeManager::SubscriberEventOnSgStart()
724 {
725 std::vector<int64_t> eventIds = ConfigDataManager::GetInstance().GetAllEventIds();
726 std::vector<int64_t> onStartEventList;
727 for (int64_t eventId : eventIds) {
728 EventCfg eventCfg;
729 bool isSuccess = ConfigDataManager::GetInstance().GetEventConfig(eventId, eventCfg);
730 if (!isSuccess) {
731 SGLOGI("GetEventConfig error");
732 } else if (eventCfg.collectOnStart == 1) {
733 onStartEventList.push_back(eventId);
734 }
735 }
736 if (listener_ == nullptr || collectorListener_ == nullptr) {
737 SGLOGI("listener or collectorListener is nullptr");
738 return;
739 }
740 if (DatabaseManager::GetInstance().SubscribeDb(onStartEventList, listener_) != SUCCESS) {
741 SGLOGE("SubscribeDb error");
742 }
743 if (!SecurityCollector::DataCollection::GetInstance().SubscribeCollectors(onStartEventList, collectorListener_)) {
744 SGLOGE("subscribe sg failed");
745 }
746 }
747
RemoveMute(const EventMuteFilter & filter,const std::string & clientId)748 int AcquireDataSubscribeManager::RemoveMute(const EventMuteFilter &filter, const std::string &clientId)
749 {
750 EventCfg config {};
751 SecurityCollector::SecurityCollectorEventMuteFilter collectorFilter = ConvertFilter(filter, clientId);
752 if (!ConfigDataManager::GetInstance().GetEventConfig(collectorFilter.eventId, config)) {
753 SGLOGE("GetEventConfig error");
754 return BAD_PARAM;
755 }
756 if (eventFilter_ == nullptr) {
757 SGLOGE("eventFilter_ is null");
758 return NULL_OBJECT;
759 }
760 int ret = eventFilter_()->RemoveEventFilter(collectorFilter);
761 if (ret != SUCCESS) {
762 SGLOGE("RemoveEventFilter failed, ret=%{public}d", ret);
763 return ret;
764 }
765 return SUCCESS;
766 }
767 // LCOV_EXCL_STOP
RemoveSubscribeMute(const EventMuteFilter & filter,const std::string & clientId)768 int AcquireDataSubscribeManager::RemoveSubscribeMute(const EventMuteFilter &filter, const std::string &clientId)
769 {
770 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
771 SGLOGI("in AcquireDataSubscribeManager RemoveSubscribeMute, clientId %{public}s", clientId.c_str());
772 if (sessionsMap_.find(clientId) == sessionsMap_.end() || sessionsMap_.at(clientId) == nullptr) {
773 SGLOGE("clientId not creat");
774 return BAD_PARAM;
775 }
776 auto finder = [filter](const EventMuteFilter &it) {
777 return filter.eventId == it.eventId && filter.isInclude == it.isInclude &&
778 filter.type == it.type && filter.mutes.size() == it.mutes.size() && filter.mutes == it.mutes;
779 };
780 if (sessionsMap_.at(clientId)->eventFilters.find(filter.eventId) == sessionsMap_.at(clientId)->eventFilters.end()) {
781 SGLOGE("filter event id not exist");
782 return BAD_PARAM;
783 }
784 auto iter = find_if(sessionsMap_.at(clientId)->eventFilters.at(filter.eventId).begin(),
785 sessionsMap_.at(clientId)->eventFilters.at(filter.eventId).end(), finder);
786 if (iter == sessionsMap_.at(clientId)->eventFilters.at(filter.eventId).end()) {
787 SGLOGE("filter not exist");
788 return BAD_PARAM;
789 }
790 if (sessionsMap_.at(clientId)->subEvents.find(filter.eventId) == sessionsMap_.at(clientId)->subEvents.end()) {
791 SGLOGW("current event not subscribe, erase filter now evetid= %{public}" PRId64, filter.eventId);
792 iter = sessionsMap_.at(clientId)->eventFilters[filter.eventId].erase(iter);
793 if (sessionsMap_.at(clientId)->eventFilters[filter.eventId].empty()) {
794 sessionsMap_.at(clientId)->eventFilters.erase(filter.eventId);
795 }
796 return SUCCESS;
797 }
798 int ret = RemoveMute(filter, clientId);
799 if (ret != SUCCESS) {
800 SGLOGE("RemoveMute failed, ret=%{public}d", ret);
801 return ret;
802 }
803 iter = sessionsMap_.at(clientId)->eventFilters[filter.eventId].erase(iter);
804 if (sessionsMap_.at(clientId)->eventFilters[filter.eventId].empty()) {
805 sessionsMap_.at(clientId)->eventFilters.erase(filter.eventId);
806 }
807 return SUCCESS;
808 }
809 // LCOV_EXCL_START
ConvertFilter(const SecurityGuard::EventMuteFilter & sgFilter,const std::string & clientId)810 SecurityCollector::SecurityCollectorEventMuteFilter AcquireDataSubscribeManager::ConvertFilter(
811 const SecurityGuard::EventMuteFilter &sgFilter, const std::string &clientId)
812 {
813 SecurityCollector::SecurityCollectorEventMuteFilter collectorFilter {};
814 collectorFilter.eventId = sgFilter.eventId;
815 collectorFilter.mutes = sgFilter.mutes;
816 collectorFilter.type = sgFilter.type;
817 collectorFilter.isInclude = sgFilter.isInclude;
818 collectorFilter.isSetMute = false;
819 collectorFilter.instanceFlag = clientId;
820 return collectorFilter;
821 }
822 // LCOV_EXCL_STOP
CreatClient(const std::string & eventGroup,const std::string & clientId,const sptr<IRemoteObject> & cb)823 int AcquireDataSubscribeManager::CreatClient(const std::string &eventGroup, const std::string &clientId,
824 const sptr<IRemoteObject> &cb)
825 {
826 AccessToken::AccessTokenID callerToken = IPCSkeleton::GetCallingTokenID();
827 int ret = IsExceedLimited(clientId, callerToken);
828 if (ret != SUCCESS) {
829 SGLOGE("IsExceedLimited error");
830 return ret;
831 }
832 {
833 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
834 if (sessionsMap_.find(clientId) != sessionsMap_.end()) {
835 SGLOGE("current clientId exist");
836 return BAD_PARAM;
837 }
838 }
839 auto session = std::make_shared<ClientSession>();
840 session->clientId = clientId;
841 session->callback = cb;
842 session->tokenId = callerToken;
843 session->eventGroup = eventGroup;
844 {
845 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
846 sessionsMap_[clientId] = session;
847 }
848 return SUCCESS;
849 }
850
DestoryClient(const std::string & eventGroup,const std::string & clientId)851 int AcquireDataSubscribeManager::DestoryClient(const std::string &eventGroup, const std::string &clientId)
852 {
853 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
854 auto iter = sessionsMap_.find(clientId);
855 if (iter == sessionsMap_.end()) {
856 SGLOGE("current clientId not exist");
857 return BAD_PARAM;
858 }
859 for (auto iter : sessionsMap_.at(clientId)->subEvents) {
860 UnSubscribeSc(iter);
861 }
862 for (auto iter : sessionsMap_.at(clientId)->eventFilters) {
863 for (auto it : iter.second) {
864 RemoveMute(it, clientId);
865 }
866 }
867 sessionsMap_.erase(clientId);
868 return SUCCESS;
869 }
870
871 // LCOV_EXCL_START
IsExceedLimited(const std::string & clientId,AccessToken::AccessTokenID callerToken)872 int AcquireDataSubscribeManager::IsExceedLimited(const std::string &clientId, AccessToken::AccessTokenID callerToken)
873 {
874 // old subscribe api no need to count
875 if (clientId.find("sdk") != std::string::npos) {
876 return SUCCESS;
877 }
878 std::lock_guard<ffrt::mutex> lock(sessionMutex_);
879 if (sessionsMap_.size() >= MAX_SESSION_SIZE) {
880 SGLOGE("max instance limited");
881 return CLIENT_EXCEED_GLOBAL_LIMIT;
882 }
883 std::set<std::string> clients {};
884 for (auto iter : sessionsMap_) {
885 if (iter.second != nullptr && iter.second->tokenId == callerToken) {
886 clients.insert(iter.first);
887 }
888 }
889 if (clients.find(clientId) == clients.end() && clients.size() >= MAX_SESSION_SIZE_ONE_PROCESS) {
890 SGLOGE("max instance one process limited");
891 return CLIENT_EXCEED_PROCESS_LIMIT;
892 }
893 return SUCCESS;
894 }
895 // LCOV_EXCL_STOP
896 }
897